Be a Supporter!

The Flash 'Reg' Lounge

  • 1,617,185 Views
  • 64,485 Replies
New Topic Respond to this Topic
TheNavigat
TheNavigat
  • Member since: Mar. 2, 2013
  • Offline.
Forum Stats
Member
Level 04
Programmer
Response to The Flash 'Reg' Lounge 2013-05-08 02:03:35 Reply

At 5/8/13 01:56 AM, egg82 wrote:
At 5/8/13 01:50 AM, TheNavigat wrote: *After googling it and trying to avoid being a bad*** *

Oh.. More details about using that with PHP, please? :)
right, yeah, that's what I thought you were asking.
Flash's security is tighter than a fly's anus, you can't access any data from a server without the server's permission in the form of a strictly-typed XML file. Specifically, crossdomain.xml
Use the Security class to add the site to the list of security exceptions (client-side access) and the same class to load the policy file (server-side access) to finally allow data to travel between the two. Same with Sockets, or any type of data in any way, shape, or form (aside from uploading and downloading, for some unknown reason) - you need the crossdomain.xml file

THAT IS AWESOME! Thanks a lot!

But the problem is that this way, I need to protect the second SWF, which will have access to the PHP script to perform actions, so no one can download it for example, and therefore be able to decrypt it, and ruin everything. I guess using .htaccess to allow only this SWF would work, but the problem is that the SWF works locally, so I guess the IP added would belong to the user, not the website. What do you think?

And thanks, again :)


Nav.. I'm the Nav!

egg82
egg82
  • Member since: Jun. 24, 2006
  • Offline.
Forum Stats
Supporter
Level 05
Game Developer
Response to The Flash 'Reg' Lounge 2013-05-08 02:07:12 Reply

At 5/8/13 02:03 AM, TheNavigat wrote: But the problem is that this way, I need to protect the second SWF, which will have access to the PHP script to perform actions, so no one can download it for example, and therefore be able to decrypt it, and ruin everything. I guess using .htaccess to allow only this SWF would work, but the problem is that the SWF works locally, so I guess the IP added would belong to the user, not the website. What do you think?

I think it's cute that you think a client-side program is secure :P
Seriously, you can't protect your client-side stuff. It's just not gonna happen. Don't count on "encrypted" being secure (because you don't encrypt ByteCode, you obfuscate it, which is soooooo much less secure)


Programming stuffs (tutorials and extras)
PM me (instead of MintPaw) if you're confuzzled.
thank Skaren for the sig :P

BBS Signature
TheNavigat
TheNavigat
  • Member since: Mar. 2, 2013
  • Offline.
Forum Stats
Member
Level 04
Programmer
Response to The Flash 'Reg' Lounge 2013-05-08 02:33:05 Reply

At 5/8/13 02:07 AM, egg82 wrote:
At 5/8/13 02:03 AM, TheNavigat wrote: But the problem is that this way, I need to protect the second SWF, which will have access to the PHP script to perform actions, so no one can download it for example, and therefore be able to decrypt it, and ruin everything. I guess using .htaccess to allow only this SWF would work, but the problem is that the SWF works locally, so I guess the IP added would belong to the user, not the website. What do you think?
I think it's cute that you think a client-side program is secure :P
Seriously, you can't protect your client-side stuff. It's just not gonna happen. Don't count on "encrypted" being secure (because you don't encrypt ByteCode, you obfuscate it, which is soooooo much less secure)

What I'm saying (as an approach) here, is to connect the first SWF (which is the client one, the game itself), to the second SWF (which has access to the PHP script). The second SWF has allowDomain implemented, so only the first SWF will work, and even if it's decrypted, the guy can't send anything to the second SWF. I guess that's kinda secure :/ The problem is preventing any access of the second .SWF though, I believe :/

Plus that the PHP script itself allows specific actions. The second SWF sends POST requests, and not SQL statements.

I'm lost again, I guess.


Nav.. I'm the Nav!

GeoKureli
GeoKureli
  • Member since: Apr. 1, 2003
  • Offline.
Forum Stats
Supporter
Level 19
Game Developer
Response to The Flash 'Reg' Lounge 2013-05-08 08:29:53 Reply

I discovered, today, that I suck at level design. It's arguably the most important part of any game, but I always just make the controls and physics and pass of the level design to someone to save time. Any platformer level tips?

I made up a test level

The ladder mechanics need some work, the exit door doesn't do anything yet, and buttons don't reset.

The idea, is that each level is made for 2 game modes. The thief collects as much as he can, the door won't open until all the buttons are pushed, and all of the trophies are collected. or can avoid anything gold, and the door will open when all of the buttons are pressed. but if you collect 1 gold coin or trophy the door is locked and you must complete it the thieves way.

P.S. Stumbled upon the first game I ever made. I believe i was trying to rip-off this game.

TheNavigat
TheNavigat
  • Member since: Mar. 2, 2013
  • Offline.
Forum Stats
Member
Level 04
Programmer
Response to The Flash 'Reg' Lounge 2013-05-08 11:18:05 Reply

At 5/8/13 08:29 AM, GeoKureli wrote: I discovered, today, that I suck at level design. It's arguably the most important part of any game, but I always just make the controls and physics and pass of the level design to someone to save time. Any platformer level tips?

I made up a test level

The ladder mechanics need some work, the exit door doesn't do anything yet, and buttons don't reset.

The idea, is that each level is made for 2 game modes. The thief collects as much as he can, the door won't open until all the buttons are pushed, and all of the trophies are collected. or can avoid anything gold, and the door will open when all of the buttons are pressed. but if you collect 1 gold coin or trophy the door is locked and you must complete it the thieves way.

P.S. Stumbled upon the first game I ever made. I believe i was trying to rip-off this game.

For me, I let the graphics guy do the job.. We programmers have worse imaginations, you know .___.

I like the ball game :) I wonder what the algorithms for the rotation and the shadow sizing were.


Nav.. I'm the Nav!

GeoKureli
GeoKureli
  • Member since: Apr. 1, 2003
  • Offline.
Forum Stats
Supporter
Level 19
Game Developer
Response to The Flash 'Reg' Lounge 2013-05-08 11:23:21 Reply

At 5/8/13 11:18 AM, TheNavigat wrote: We programmers have worse imaginations, you know .___.

I'll let that slide because you're new here.

I like the ball game :) I wonder what the algorithms for the rotation and the shadow sizing were.
D
swishcheese
swishcheese
  • Member since: May. 12, 2007
  • Offline.
Forum Stats
Member
Level 14
Programmer
Response to The Flash 'Reg' Lounge 2013-05-08 11:45:42 Reply

At 5/8/13 08:29 AM, GeoKureli wrote: I discovered, today, that I suck at level design. It's arguably the most important part of any game, but I always just make the controls and physics and pass of the level design to someone to save time. Any platformer level tips?

I made up a test level

The ladder mechanics need some work, the exit door doesn't do anything yet, and buttons don't reset.

Cooool. Platformer is looking good. Yea, ladder needs some work as you stated. Doing good so far. How long did that take you? I know you were working on that baseball game so I'm just curious.

As for level design tips. Well, all depends the style of the game, but I like making levels very hard / only one or two ways to beat the level. Which works out well for retro style games.

For your platformer, with the thieves thing I think it would be good to put gold in hard spots to get. Also putting gold below traps and they have to go elsewhere to press button that disables the trap. Then like you said difficulty would be spread out depending on how they want to play it, and of course they get rewarded if they go thieves way :P

Soo, when designing I guess my tip is make levels however you feel, making a basic path first. maybe draw a smiley face for a level, etc. Then work on placing your gold and making it hard to get too and maybe put few other traps along the basic path. Goodluck.


BBS Signature
GeoKureli
GeoKureli
  • Member since: Apr. 1, 2003
  • Offline.
Forum Stats
Supporter
Level 19
Game Developer
Response to The Flash 'Reg' Lounge 2013-05-08 12:02:24 Reply

At 5/8/13 11:45 AM, swishcheese wrote: Cooool. Platformer is looking good. Yea, ladder needs some work as you stated. Doing good so far. How long did that take you? I know you were working on that baseball game so I'm just curious.

The game jam started last Tuesday, I'm still working on the baseball game too.

For your platformer, with the thieves thing I think it would be good to put gold in hard spots to get. Also putting gold below traps and they have to go elsewhere to press button that disables the trap. Then like you said difficulty would be spread out depending on how they want to play it, and of course they get rewarded if they go thieves way :P

I don't think I'm ever going to explicitly tell them that there's a different reward for not stealing. I'll just constantly speak ill of the players morals, and spout off preachy messages about how stealing is wrong between levels until the player figures it out. but the reward for not stealing will definitely be greater, if i had time for rewards

At 5/8/13 11:23 AM, GeoKureli wrote: I'll let that slide because you're new here.

@ navigat I was totally joking by the way, welcome and such and such

swishcheese
swishcheese
  • Member since: May. 12, 2007
  • Offline.
Forum Stats
Member
Level 14
Programmer
Response to The Flash 'Reg' Lounge 2013-05-08 12:10:32 Reply

Ohh okay. That sounds cool. So basically placing gold can be an obstacle. That is neat idea. As he collects more gold is he not going to be able to jump as high as a penalty as well??

I cant wait play this game and hear the hints about good morals and such. I love little side story things like that.


BBS Signature
GeoKureli
GeoKureli
  • Member since: Apr. 1, 2003
  • Offline.
Forum Stats
Supporter
Level 19
Game Developer
Response to The Flash 'Reg' Lounge 2013-05-08 12:24:11 Reply

At 5/8/13 12:10 PM, swishcheese wrote: Ohh okay. That sounds cool. So basically placing gold can be an obstacle. That is neat idea. As he collects more gold is he not going to be able to jump as high as a penalty as well??

gold wont affect your abilities, treasures do (previously trophies, now it's the gems).

I cant wait play this game and hear the hints about good morals and such. I love little side story things like that.

me too, I just hope i have time.

I hope I have time. if anyone wants to come up with some preachy intermission guilt inducing quotes I'd be totally in your debt

egg82
egg82
  • Member since: Jun. 24, 2006
  • Offline.
Forum Stats
Supporter
Level 05
Game Developer
Response to The Flash 'Reg' Lounge 2013-05-08 13:08:59 Reply

At 5/8/13 02:33 AM, TheNavigat wrote: What I'm saying (as an approach) here, is to connect the first SWF (which is the client one, the game itself), to the second SWF (which has access to the PHP script). The second SWF has allowDomain implemented, so only the first SWF will work, and even if it's decrypted, the guy can't send anything to the second SWF. I guess that's kinda secure :/ The problem is preventing any access of the second .SWF though, I believe :/

Plus that the PHP script itself allows specific actions. The second SWF sends POST requests, and not SQL statements.

I'm lost again, I guess.

Flash doesn't quite work that way. In order to be a Flash server (use the ServerSocket and DatagramSocket classes) the server would need to be a desktop AIR application, and you would still need to load a policy file from that server.
If you're interested in source code on how that works, check here.
On a side note, if the swf is on the same site (the same computer?) as the content it's accessing, it doesn't need to go through the security hoops.

Also, the on-site swf can be downloaded quite easily. Don't count on that as being secure, Flash is NOT a server-side anything.

PHP's slow and it's easy to create insecure code, but it works I suppose.
First rule of security is to think that every person in the world is the spawn of satan and wants to destroy you website using every method imaginable, and you're the only person stopping them.
Yeah, security's a tad depressing.


Programming stuffs (tutorials and extras)
PM me (instead of MintPaw) if you're confuzzled.
thank Skaren for the sig :P

BBS Signature
TheNavigat
TheNavigat
  • Member since: Mar. 2, 2013
  • Offline.
Forum Stats
Member
Level 04
Programmer
Response to The Flash 'Reg' Lounge 2013-05-08 13:40:10 Reply

Geo, I see :) No probs :)

So, let me show you the thing I'm working on. http://blog.unlicrea.com/were-alive-probably/ , and slide down a little bit till you see that "start" button. Yea, it's flash, not an image, LOL.


Nav.. I'm the Nav!

TheNavigat
TheNavigat
  • Member since: Mar. 2, 2013
  • Offline.
Forum Stats
Member
Level 04
Programmer
Response to The Flash 'Reg' Lounge 2013-05-08 13:46:18 Reply

At 5/8/13 01:08 PM, egg82 wrote:
At 5/8/13 02:33 AM, TheNavigat wrote: What I'm saying (as an approach) here, is to connect the first SWF (which is the client one, the game itself), to the second SWF (which has access to the PHP script). The second SWF has allowDomain implemented, so only the first SWF will work, and even if it's decrypted, the guy can't send anything to the second SWF. I guess that's kinda secure :/ The problem is preventing any access of the second .SWF though, I believe :/

Plus that the PHP script itself allows specific actions. The second SWF sends POST requests, and not SQL statements.

I'm lost again, I guess.
Flash doesn't quite work that way. In order to be a Flash server (use the ServerSocket and DatagramSocket classes) the server would need to be a desktop AIR application, and you would still need to load a policy file from that server.
If you're interested in source code on how that works, check here.
On a side note, if the swf is on the same site (the same computer?) as the content it's accessing, it doesn't need to go through the security hoops.

Also, the on-site swf can be downloaded quite easily. Don't count on that as being secure, Flash is NOT a server-side anything.

PHP's slow and it's easy to create insecure code, but it works I suppose.
First rule of security is to think that every person in the world is the spawn of satan and wants to destroy you website using every method imaginable, and you're the only person stopping them.
Yeah, security's a tad depressing.

I'm a PHP freelancer on the other hand, so yea I know these stuff, and I always make very secured apps, fortunately, up till now, they were never hacked, not even "altered", but when I saw flash, it was a big block and I figured out that it will be semi-impossible to make it completely secured, like the apps I made. The definition of "completely secured" for me is that I'll be sitting there knowing that every single way of breaking an app that I know won't work, but for Flash it's different, I'm like "Oh, I know that the guy can do X, Y and Z. Let's just hope he isn't that much good, or patient".

The Flash SWF isn't the server, it CONTACTS the server. The problem is, how can the server confirm that it's indeed the game? That's the whole thing.

Also, PHP is EXTREMELY secured if the right guy's doing the right job ;)


Nav.. I'm the Nav!

egg82
egg82
  • Member since: Jun. 24, 2006
  • Offline.
Forum Stats
Supporter
Level 05
Game Developer
Response to The Flash 'Reg' Lounge 2013-05-08 16:06:06 Reply

I have a class to get to, and I was supposed to leave five minutes ago, but i'll leave this here for now:
http://www.exploit-db.com/search/?action=search&filter_page=
1&filter_description=PHP&filter_exploit_text=&filter_author=
&filter_platform=0&filter_type=0&filter_lang_id=0&filter_por t=&filter_osvdb=&filter_cve=


Programming stuffs (tutorials and extras)
PM me (instead of MintPaw) if you're confuzzled.
thank Skaren for the sig :P

BBS Signature
nitokov
nitokov
  • Member since: May. 8, 2012
  • Offline.
Forum Stats
Member
Level 05
Programmer
Response to The Flash 'Reg' Lounge 2013-05-08 17:24:46 Reply

isn't it cool that in flashDevelp you can zoom all the way out your code, and it looks like little city or idk... something

The Flash 'Reg' Lounge


RangeError: Error #1125: The index 4 is out of range 4.

GeoKureli
GeoKureli
  • Member since: Apr. 1, 2003
  • Offline.
Forum Stats
Supporter
Level 19
Game Developer
Response to The Flash 'Reg' Lounge 2013-05-08 21:02:02 Reply

At 5/8/13 05:24 PM, nitokov wrote: isn't it cool that in flashDevelp you can zoom all the way out your code, and it looks like little city or idk... something

yes I always imagine my code is a city or machine gun barrels

egg82
egg82
  • Member since: Jun. 24, 2006
  • Offline.
Forum Stats
Supporter
Level 05
Game Developer
Response to The Flash 'Reg' Lounge 2013-05-08 21:22:56 Reply

At 5/8/13 09:02 PM, GeoKureli wrote:
At 5/8/13 05:24 PM, nitokov wrote: isn't it cool that in flashDevelp you can zoom all the way out your code, and it looks like little city or idk... something
yes I always imagine my code is a city or machine gun barrels

What in the world is wrong with you people? xD
Personally, I just enjoy making small, helpful classes and watching them work and work together. I might just be really boring, though.


Programming stuffs (tutorials and extras)
PM me (instead of MintPaw) if you're confuzzled.
thank Skaren for the sig :P

BBS Signature
MSGhero
MSGhero
  • Member since: Dec. 15, 2010
  • Online!
Forum Stats
Supporter
Level 16
Game Developer
Response to The Flash 'Reg' Lounge 2013-05-08 21:39:13 Reply

Notice the scrollbar. Notice that every function is minimized. I'm not proud. I've learned my lesson. It was a dark time for me. Never again. I have many state and manager classes now. I have a bright future ahead.

The Flash 'Reg' Lounge

swishcheese
swishcheese
  • Member since: May. 12, 2007
  • Offline.
Forum Stats
Member
Level 14
Programmer
Response to The Flash 'Reg' Lounge 2013-05-09 00:26:02 Reply

Ummmmmm. yeaaa. Guess mine looks like a huge skyscraper. lol. Those are hard coded arrays that represent the of levels my tile-based game....

The Flash 'Reg' Lounge


BBS Signature
GeoKureli
GeoKureli
  • Member since: Apr. 1, 2003
  • Offline.
Forum Stats
Supporter
Level 19
Game Developer
Response to The Flash 'Reg' Lounge 2013-05-09 00:28:38 Reply

The sprites I'm using for my thieve game are things I had laying around from a future project loosely titled: "Marvin Gaye's Rhythm Hop". I just realized that it be a bad idea making my thief black, and having demeaning phrases pop up about him, and that I'm probably not going to find an artist to draw new sprites in time. So, I'm just setting the record straight and publicly announcing that I'm not racist.

swishcheese
swishcheese
  • Member since: May. 12, 2007
  • Offline.
Forum Stats
Member
Level 14
Programmer
Response to The Flash 'Reg' Lounge 2013-05-09 00:46:54 Reply

At 5/9/13 12:28 AM, GeoKureli wrote: The sprites I'm using for my thieve game are things I had laying around from a future project loosely titled: "Marvin Gaye's Rhythm Hop". I just realized that it be a bad idea making my thief black, and having demeaning phrases pop up about him, and that I'm probably not going to find an artist to draw new sprites in time. So, I'm just setting the record straight and publicly announcing that I'm not racist.

LOL. I do not think anyone will take offense. The demeaning phrases will be general and will not be talking about his race, but about his thievery actions. But I could re-color that sprite for you if you'd like. No charge or anything of course, will not be to tough. lol.


BBS Signature
GeoKureli
GeoKureli
  • Member since: Apr. 1, 2003
  • Offline.
Forum Stats
Supporter
Level 19
Game Developer
Response to The Flash 'Reg' Lounge 2013-05-09 00:56:21 Reply

At 5/9/13 12:46 AM, swishcheese wrote: LOL. I do not think anyone will take offense. The demeaning phrases will be general and will not be talking about his race, but about his thievery actions. But I could re-color that sprite for you if you'd like. No charge or anything of course, will not be to tough. lol.

That would be awesome, now I totally won't seem racist. Make that dirty thief an Irish readhead, you know those micks got sticky fingers.

http://www.newgrounds.com/dump/item/0123122bebf7e2a63e8739be ea2db337

MSGhero
MSGhero
  • Member since: Dec. 15, 2010
  • Online!
Forum Stats
Supporter
Level 16
Game Developer
Response to The Flash 'Reg' Lounge 2013-05-09 01:24:56 Reply

At 5/9/13 12:28 AM, GeoKureli wrote:

So, I'm just setting the record straight and publicly announcing that I'm not racist.

I appreciate it.

swishcheese
swishcheese
  • Member since: May. 12, 2007
  • Offline.
Forum Stats
Member
Level 14
Programmer
Response to The Flash 'Reg' Lounge 2013-05-09 01:47:26 Reply

At 5/9/13 12:56 AM, GeoKureli wrote:
At 5/9/13 12:46 AM, swishcheese wrote: LOL. I do not think anyone will take offense. The demeaning phrases will be general and will not be talking about his race, but about his thievery actions. But I could re-color that sprite for you if you'd like. No charge or anything of course, will not be to tough. lol.
That would be awesome, now I totally won't seem racist. Make that dirty thief an Irish readhead, you know those micks got sticky fingers.

http://www.newgrounds.com/dump/item/0123122bebf7e2a63e8739be ea2db337

:D here you go

Let me know if you like that. I noticed in your game guy had blue clothes too. So let me know if you want me to make his clothes blue.


BBS Signature
GeoKureli
GeoKureli
  • Member since: Apr. 1, 2003
  • Offline.
Forum Stats
Supporter
Level 19
Game Developer
Response to The Flash 'Reg' Lounge 2013-05-09 01:56:34 Reply

At 5/9/13 01:47 AM, swishcheese wrote:
D here you go

This is perfect! I didn't know you were this good at pixel art.

Let me know if you like that. I noticed in your game guy had blue clothes too. So let me know if you want me to make his clothes blue.

I de-saturated his clothes to make him look more like a burglar

swishcheese
swishcheese
  • Member since: May. 12, 2007
  • Offline.
Forum Stats
Member
Level 14
Programmer
Response to The Flash 'Reg' Lounge 2013-05-09 02:01:36 Reply

At 5/9/13 01:56 AM, GeoKureli wrote:
At 5/9/13 01:47 AM, swishcheese wrote:
D here you go
This is perfect! I didn't know you were this good at pixel art.

Let me know if you like that. I noticed in your game guy had blue clothes too. So let me know if you want me to make his clothes blue.
I de-saturated his clothes to make him look more like a burglar

Lol. no no, your artist is the good pixel artist. I just changed some colors around :P here is my pixel. wish i was as good as your artist!


BBS Signature
GeoKureli
GeoKureli
  • Member since: Apr. 1, 2003
  • Offline.
Forum Stats
Supporter
Level 19
Game Developer
Response to The Flash 'Reg' Lounge 2013-05-09 02:04:32 Reply

At 5/9/13 02:01 AM, swishcheese wrote: Lol. no no, your artist is the good pixel artist. I just changed some colors around :P here is my pixel. wish i was as good as your artist!

better than I could do.

anyone notice when you update your NG project details it take 3 refeshes to see the new one? even if i wait for hours, still 3. it is a browser thing or a problem with NG?

MSGhero
MSGhero
  • Member since: Dec. 15, 2010
  • Online!
Forum Stats
Supporter
Level 16
Game Developer
Response to The Flash 'Reg' Lounge 2013-05-09 02:07:17 Reply

At 5/9/13 02:04 AM, GeoKureli wrote:
At 5/9/13 02:01 AM, swishcheese wrote: Lol. no no, your artist is the good pixel artist. I just changed some colors around :P here is my pixel. wish i was as good as your artist!
better than I could do.

anyone notice when you update your NG project details it take 3 refeshes to see the new one? even if i wait for hours, still 3. it is a browser thing or a problem with NG?

When I empty my cache, it refreshes, so it's something to do with that. I had to say that every time I added or fixed something in the rpg or else the artist would think I'm crazy.

Also 1000 posts, let me join the cool kids club now.

swishcheese
swishcheese
  • Member since: May. 12, 2007
  • Offline.
Forum Stats
Member
Level 14
Programmer
Response to The Flash 'Reg' Lounge 2013-05-09 02:15:57 Reply

Yeah. I noticed that too. I thought it was because it was the same file name and same location. So i copy and put in different location with different name and uploaded. It work, but it might have been because I tried it two other times without doing that. lol.


BBS Signature
GeoKureli
GeoKureli
  • Member since: Apr. 1, 2003
  • Offline.
Forum Stats
Supporter
Level 19
Game Developer
Response to The Flash 'Reg' Lounge 2013-05-09 02:51:49 Reply

At 5/9/13 02:07 AM, MSGhero wrote: When I empty my cache, it refreshes, so it's something to do with that. I had to say that every time I added or fixed something in the rpg or else the artist would think I'm crazy.

Also 1000 posts, let me join the cool kids club now.

A box of kittens has been sent to your home. This only happens if you acknowledge your post count in the milestone post. I just realized I missed 5,555th post.

At 5/9/13 02:15 AM, swishcheese wrote: Yeah. I noticed that too. I thought it was because it was the same file name and same location. So i copy and put in different location with different name and uploaded. It work, but it might have been because I tried it two other times without doing that. lol.

maybe chrome clears the saved copy if you refresh the page twice within a time limit?